#VU7567 Buffer overflow

Published: 2017-07-18

Vulnerability identifier: #VU7567

Vulnerability risk: Medium


CVE-ID: CVE-2017-7246


Exploitation vector: Network

Exploit availability: No


The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error in pcre32_copy_substring() function in pcre_get.c in libpcre1 in PCRE 8.40. A remote unauthenticated attacker can create a specially crafted file, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Latest bulletins with this vulnerability